Key Findings Four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman are capable of facilitating credential theft at scale. BlackForce is designed to steal credentials and perform Man-in-the-Browser (MitB) attacks to capture one-time passwords (OTPs) and bypass multi-factor authentication (MFA). GhostFrame uses an iframe-based approach to hide its malicious behavior and easily switch out phishing content. InboxPrime AI leverages artificial intelligen
